From 27c4b75caa24e163baa8e8fc9527d6fbe178f6fd Mon Sep 17 00:00:00 2001
From: kaiyou <dev@kaiyou.fr>
Date: Wed, 12 Mar 2025 14:51:06 +0100
Subject: [PATCH] Rewrite the Dockerfile again

---
 Dockerfile | 33 +++++++++++++--------------------
 1 file changed, 13 insertions(+), 20 deletions(-)

diff --git a/Dockerfile b/Dockerfile
index 885d97f4d..c4bb06ec1 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,5 +1,4 @@
-FROM golang:1.23 as builder
-ARG VERSION="dev"
+FROM golang:1.23 as gobuild
 WORKDIR /usr/src/app
 ENV CGO_ENABLED=0
 ENV GO111MODULE=on
@@ -7,26 +6,20 @@ COPY go.mod go.sum ./
 RUN go mod download && go mod verify
 COPY . .
 RUN make build-manager \
- && mv bin/manager /manager_amd64
+ && mkdir -p /dist/manager \
+ && mv bin/manager /dist/manager/manager_amd64
 
-FROM alpine:latest
-ARG VERSION="dev"
-ENV SUMMARY="CloudNativePG Operator Container Image." \
-    DESCRIPTION="This Docker image contains CloudNativePG Operator."
-LABEL summary="$SUMMARY" \
-      description="$DESCRIPTION" \
-      io.k8s.display-name="$SUMMARY" \
-      io.k8s.description="$DESCRIPTION" \
-      name="CloudNativePG Operator" \
-      vendor="CloudNativePG Contributors" \
-      url="https://cloudnative-pg.io/" \
-      version="$VERSION" \
-      release="1"
+# This builder stage it's only because we need a command
+# to create a symlink and we do not have it in a distroless image
+FROM gcr.io/distroless/static-debian12:debug-nonroot AS builder
+SHELL ["/busybox/sh", "-c"]
+RUN ln -sf operator/manager_amd64 manager
+
+FROM gcr.io/distroless/static-debian12:nonroot
 WORKDIR /
-RUN apk --no-cache add ca-certificates tzdata
+COPY --from=gobuild --chown=nonroot:nonroot --chmod=0755 /dist/manager/* operator/
+COPY --from=builder /home/nonroot/ .
 COPY licenses /licenses
 COPY LICENSE /licenses
-COPY --from=builder /manager_amd64 /bin/
-RUN ln -sf /bin/manager_amd64 manager
 USER 65532:65532
-ENTRYPOINT [ "/manager" ]
+ENTRYPOINT ["/manager"]
-- 
GitLab